diff --git a/Dockerfiles/agent/alpine/Dockerfile b/Dockerfiles/agent/alpine/Dockerfile
index 44a1769d2..2ed0237ee 100644
--- a/Dockerfiles/agent/alpine/Dockerfile
+++ b/Dockerfiles/agent/alpine/Dockerfile
@@ -59,7 +59,6 @@ RUN set -eux && \
             --shell /sbin/nologin \
             --home /var/lib/zabbix/ \
         zabbix && \
-    adduser zabbix root && \
     mkdir -p /etc/zabbix && \
     mkdir -p /etc/zabbix/zabbix_agentd.d && \
     mkdir -p /var/lib/zabbix && \
diff --git a/Dockerfiles/agent/centos/Dockerfile b/Dockerfiles/agent/centos/Dockerfile
index 49faca79b..58d67849d 100644
--- a/Dockerfiles/agent/centos/Dockerfile
+++ b/Dockerfiles/agent/centos/Dockerfile
@@ -55,7 +55,7 @@ RUN set -eux && \
         zabbix && \
     useradd \
             --system --comment "Zabbix monitoring system" \
-            -g zabbix -G root \
+            -g zabbix \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/agent/ol/Dockerfile b/Dockerfiles/agent/ol/Dockerfile
index 07b7f4ec8..bfb2c8768 100644
--- a/Dockerfiles/agent/ol/Dockerfile
+++ b/Dockerfiles/agent/ol/Dockerfile
@@ -57,7 +57,7 @@ RUN set -eux && \
     useradd \
             --system \
             --comment "Zabbix monitoring system" \
-            -g zabbix -G root \
+            -g zabbix \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/agent/rhel/Dockerfile b/Dockerfiles/agent/rhel/Dockerfile
index 9644a49d3..50032478e 100644
--- a/Dockerfiles/agent/rhel/Dockerfile
+++ b/Dockerfiles/agent/rhel/Dockerfile
@@ -82,7 +82,7 @@ RUN set -eux && \
     useradd \
             --system \
             --comment "Zabbix monitoring system" \
-            -g zabbix -G root \
+            -g zabbix \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/agent/ubuntu/Dockerfile b/Dockerfiles/agent/ubuntu/Dockerfile
index 8f1501c4a..1c5e01a2d 100644
--- a/Dockerfiles/agent/ubuntu/Dockerfile
+++ b/Dockerfiles/agent/ubuntu/Dockerfile
@@ -55,7 +55,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/agent2/alpine/Dockerfile b/Dockerfiles/agent2/alpine/Dockerfile
index 80d6d30f8..1fdeb0a9e 100644
--- a/Dockerfiles/agent2/alpine/Dockerfile
+++ b/Dockerfiles/agent2/alpine/Dockerfile
@@ -62,7 +62,7 @@ RUN set -eux && \
             --shell /sbin/nologin \
             --home /var/lib/zabbix/ \
         zabbix && \
-    adduser zabbix root && \
+    echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \
     mkdir -p /etc/zabbix && \
     mkdir -p /etc/zabbix/zabbix_agentd.d && \
     mkdir -p /var/lib/zabbix && \
diff --git a/Dockerfiles/agent2/centos/Dockerfile b/Dockerfiles/agent2/centos/Dockerfile
index 0912a2db2..c27ea5ea2 100644
--- a/Dockerfiles/agent2/centos/Dockerfile
+++ b/Dockerfiles/agent2/centos/Dockerfile
@@ -63,11 +63,11 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
+    echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \
     mkdir -p /etc/zabbix && \
     mkdir -p /etc/zabbix/zabbix_agentd.d && \
     mkdir -p /var/lib/zabbix && \
diff --git a/Dockerfiles/agent2/ol/Dockerfile b/Dockerfiles/agent2/ol/Dockerfile
index 595fbe9ea..c41f48cce 100644
--- a/Dockerfiles/agent2/ol/Dockerfile
+++ b/Dockerfiles/agent2/ol/Dockerfile
@@ -64,11 +64,11 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
+    echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \
     mkdir -p /etc/zabbix && \
     mkdir -p /etc/zabbix/zabbix_agentd.d && \
     mkdir -p /var/lib/zabbix && \
diff --git a/Dockerfiles/agent2/rhel/Dockerfile b/Dockerfiles/agent2/rhel/Dockerfile
index edda74eb8..0e744e379 100644
--- a/Dockerfiles/agent2/rhel/Dockerfile
+++ b/Dockerfiles/agent2/rhel/Dockerfile
@@ -90,11 +90,11 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
+    echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \
     mkdir -p /etc/zabbix && \
     mkdir -p /etc/zabbix/zabbix_agentd.d && \
     mkdir -p /var/lib/zabbix && \
diff --git a/Dockerfiles/agent2/ubuntu/Dockerfile b/Dockerfiles/agent2/ubuntu/Dockerfile
index ff3170f90..f1d27112b 100644
--- a/Dockerfiles/agent2/ubuntu/Dockerfile
+++ b/Dockerfiles/agent2/ubuntu/Dockerfile
@@ -60,11 +60,11 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
+    echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \
     mkdir -p /etc/zabbix && \
     mkdir -p /etc/zabbix/zabbix_agentd.d && \
     mkdir -p /var/lib/zabbix && \
diff --git a/Dockerfiles/java-gateway/alpine/Dockerfile b/Dockerfiles/java-gateway/alpine/Dockerfile
index d93e24294..90ecdec90 100644
--- a/Dockerfiles/java-gateway/alpine/Dockerfile
+++ b/Dockerfiles/java-gateway/alpine/Dockerfile
@@ -50,7 +50,6 @@ RUN set -eux && \
             --shell /sbin/nologin \
             --home /var/lib/zabbix/ \
         zabbix && \
-    adduser zabbix root && \
     mkdir -p /etc/zabbix/ && \
     mkdir -p /usr/sbin/zabbix_java/ && \
     mkdir -p /usr/sbin/zabbix_java/ext_lib/ && \
diff --git a/Dockerfiles/java-gateway/centos/Dockerfile b/Dockerfiles/java-gateway/centos/Dockerfile
index 065bbdf86..67c94903b 100644
--- a/Dockerfiles/java-gateway/centos/Dockerfile
+++ b/Dockerfiles/java-gateway/centos/Dockerfile
@@ -49,7 +49,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/java-gateway/ol/Dockerfile b/Dockerfiles/java-gateway/ol/Dockerfile
index 0a71f463d..2a18404c6 100644
--- a/Dockerfiles/java-gateway/ol/Dockerfile
+++ b/Dockerfiles/java-gateway/ol/Dockerfile
@@ -49,7 +49,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/java-gateway/rhel/Dockerfile b/Dockerfiles/java-gateway/rhel/Dockerfile
index 63e6950b0..61dad4a75 100644
--- a/Dockerfiles/java-gateway/rhel/Dockerfile
+++ b/Dockerfiles/java-gateway/rhel/Dockerfile
@@ -69,7 +69,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/java-gateway/ubuntu/Dockerfile b/Dockerfiles/java-gateway/ubuntu/Dockerfile
index c57592aa7..fd90be57e 100644
--- a/Dockerfiles/java-gateway/ubuntu/Dockerfile
+++ b/Dockerfiles/java-gateway/ubuntu/Dockerfile
@@ -45,7 +45,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/proxy-mysql/alpine/Dockerfile b/Dockerfiles/proxy-mysql/alpine/Dockerfile
index 7d86285f9..dbb307deb 100644
--- a/Dockerfiles/proxy-mysql/alpine/Dockerfile
+++ b/Dockerfiles/proxy-mysql/alpine/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix proxy with MySQL database support" \
@@ -36,10 +37,10 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql
 RUN set -eux && \
     INSTALL_PKGS="bash \
             tini \
-            sudo \
             traceroute \
             nmap \
             iputils \
+            libcap \
             libcurl \
             libevent \
             libldap \
@@ -69,8 +70,8 @@ RUN set -eux && \
             --shell /sbin/nologin \
             --home /var/lib/zabbix/ \
         zabbix && \
-    adduser zabbix root && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /var/lib/zabbix/enc && \
diff --git a/Dockerfiles/proxy-mysql/centos/Dockerfile b/Dockerfiles/proxy-mysql/centos/Dockerfile
index 1420ce44c..67005539f 100644
--- a/Dockerfiles/proxy-mysql/centos/Dockerfile
+++ b/Dockerfiles/proxy-mysql/centos/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix proxy with MySQL database support" \
@@ -37,7 +38,6 @@ RUN set -eux && \
     REPOLIST="baseos,appstream,epel" && \
     INSTALL_PKGS="libevent \
             tini \
-            sudo \
             traceroute \
             nmap \
             gzip \
@@ -71,12 +71,12 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /var/lib/zabbix/enc && \
diff --git a/Dockerfiles/proxy-mysql/ol/Dockerfile b/Dockerfiles/proxy-mysql/ol/Dockerfile
index ab5b2b0ca..a2a2a66f5 100644
--- a/Dockerfiles/proxy-mysql/ol/Dockerfile
+++ b/Dockerfiles/proxy-mysql/ol/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix proxy with MySQL database support" \
@@ -37,7 +38,6 @@ COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel
 RUN set -eux && \
     INSTALL_PKGS="libevent \
             tini \
-            sudo \
             traceroute \
             nmap \
             gzip \
@@ -72,12 +72,12 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /var/lib/zabbix/enc && \
diff --git a/Dockerfiles/proxy-mysql/rhel/Dockerfile b/Dockerfiles/proxy-mysql/rhel/Dockerfile
index 16c59c684..2c5974826 100644
--- a/Dockerfiles/proxy-mysql/rhel/Dockerfile
+++ b/Dockerfiles/proxy-mysql/rhel/Dockerfile
@@ -15,7 +15,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL description="Zabbix proxy with MySQL database support" \
       maintainer="alexey.pustovalov@zabbix.com" \
@@ -55,7 +56,6 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql
 RUN set -eux && \
     INSTALL_PKGS="bash \
             tini \
-            sudo \
             traceroute \
             nmap \
             shadow-utils \
@@ -101,12 +101,12 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /var/lib/zabbix/enc && \
diff --git a/Dockerfiles/proxy-mysql/ubuntu/Dockerfile b/Dockerfiles/proxy-mysql/ubuntu/Dockerfile
index 49edc89c0..c532a5d0e 100644
--- a/Dockerfiles/proxy-mysql/ubuntu/Dockerfile
+++ b/Dockerfiles/proxy-mysql/ubuntu/Dockerfile
@@ -14,7 +14,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix proxy with MySQL database support" \
@@ -36,8 +37,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql
 
 RUN set -eux && \
     echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
-    INSTALL_PKGS="tini \
-            sudo \
+    INSTALL_PKGS="bash \
+            tini \
             traceroute \
             nmap \
             ca-certificates \
@@ -66,12 +67,12 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /var/lib/zabbix/enc && \
diff --git a/Dockerfiles/proxy-sqlite3/alpine/Dockerfile b/Dockerfiles/proxy-sqlite3/alpine/Dockerfile
index 38436938b..e960f5d3a 100644
--- a/Dockerfiles/proxy-sqlite3/alpine/Dockerfile
+++ b/Dockerfiles/proxy-sqlite3/alpine/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \
@@ -35,11 +36,11 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/
 RUN set -eux && \
     INSTALL_PKGS="bash \
             tini \
-            sudo \
             traceroute \
             nmap \
             fping \
             iputils \
+            libcap \
             libcurl \
             libevent \
             libldap \
@@ -67,8 +68,8 @@ RUN set -eux && \
             --shell /sbin/nologin \
             --home /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
-    adduser zabbix root && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /var/lib/zabbix/db_data && \
diff --git a/Dockerfiles/proxy-sqlite3/centos/Dockerfile b/Dockerfiles/proxy-sqlite3/centos/Dockerfile
index 37b1b5273..f870b3e33 100644
--- a/Dockerfiles/proxy-sqlite3/centos/Dockerfile
+++ b/Dockerfiles/proxy-sqlite3/centos/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \
@@ -36,7 +37,6 @@ RUN set -eux && \
     REPOLIST="baseos,appstream,epel" && \
     INSTALL_PKGS="libevent \
             tini \
-            sudo \
             traceroute \
             nmap \
             libssh \
@@ -67,12 +67,12 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /var/lib/zabbix/db_data && \
diff --git a/Dockerfiles/proxy-sqlite3/ol/Dockerfile b/Dockerfiles/proxy-sqlite3/ol/Dockerfile
index 4a5494332..1dcc9670d 100644
--- a/Dockerfiles/proxy-sqlite3/ol/Dockerfile
+++ b/Dockerfiles/proxy-sqlite3/ol/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \
@@ -36,7 +37,6 @@ COPY ["conf/etc/yum.repos.d/oracle-epel-ol8.repo", "/etc/yum.repos.d/oracle-epel
 RUN set -eux && \
     INSTALL_PKGS="libevent \
             tini \
-            sudo \
             traceroute \
             nmap \
             libssh \
@@ -68,12 +68,12 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /var/lib/zabbix/db_data && \
diff --git a/Dockerfiles/proxy-sqlite3/rhel/Dockerfile b/Dockerfiles/proxy-sqlite3/rhel/Dockerfile
index 8e71ef3b7..0ca009833 100644
--- a/Dockerfiles/proxy-sqlite3/rhel/Dockerfile
+++ b/Dockerfiles/proxy-sqlite3/rhel/Dockerfile
@@ -15,7 +15,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL description="Zabbix proxy with SQLite3 database support" \
       maintainer="alexey.pustovalov@zabbix.com" \
@@ -54,7 +55,6 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/
 RUN set -eux && \
     INSTALL_PKGS="bash \
             tini \
-            sudo \
             traceroute \
             nmap \
             shadow-utils \
@@ -97,12 +97,12 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /var/lib/zabbix/db_data && \
diff --git a/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile b/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile
index e484854f6..d2ee3e63b 100644
--- a/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile
+++ b/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \
@@ -36,7 +37,6 @@ RUN set -eux && \
     echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
     INSTALL_PKGS="bash \
             tini \
-            sudo \
             traceroute \
             nmap \
             ca-certificates \
@@ -64,12 +64,12 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /var/lib/zabbix/db_data && \
diff --git a/Dockerfiles/server-mysql/alpine/Dockerfile b/Dockerfiles/server-mysql/alpine/Dockerfile
index 29bcea3fb..50287f4e9 100644
--- a/Dockerfiles/server-mysql/alpine/Dockerfile
+++ b/Dockerfiles/server-mysql/alpine/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix server with MySQL database support" \
@@ -37,11 +38,11 @@ RUN set -eux && \
     INSTALL_PKGS="bash \
             tini \
             fping \
-            sudo \
             traceroute \
             nmap \
             tzdata \
             iputils \
+            libcap \
             libcurl \
             libevent \
             libldap \
@@ -70,9 +71,9 @@ RUN set -eux && \
             --shell /sbin/nologin \
             --home /var/lib/zabbix/ \
         zabbix && \
-    adduser zabbix root && \
     adduser zabbix dialout && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /usr/lib/zabbix/alertscripts && \
diff --git a/Dockerfiles/server-mysql/centos/Dockerfile b/Dockerfiles/server-mysql/centos/Dockerfile
index eaa484222..5b2eec92c 100644
--- a/Dockerfiles/server-mysql/centos/Dockerfile
+++ b/Dockerfiles/server-mysql/centos/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix server with MySQL database support" \
@@ -37,7 +38,6 @@ RUN set -eux && \
     REPOLIST="baseos,appstream,epel" && \
     INSTALL_PKGS="fping \
             tini \
-            sudo \
             traceroute \
             nmap \
             file-libs \
@@ -73,12 +73,13 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root,dialout \
+            -G dialout \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /usr/lib/zabbix/alertscripts && \
diff --git a/Dockerfiles/server-mysql/ol/Dockerfile b/Dockerfiles/server-mysql/ol/Dockerfile
index 8e63c84b3..9871c2f5e 100644
--- a/Dockerfiles/server-mysql/ol/Dockerfile
+++ b/Dockerfiles/server-mysql/ol/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix server with MySQL database support" \
@@ -38,7 +39,6 @@ RUN set -eux && \
     INSTALL_PKGS="bash \
             fping \
             tini \
-            sudo \
             traceroute \
             nmap \
             file-libs \
@@ -75,12 +75,13 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root,dialout \
+            -G dialout \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /usr/lib/zabbix/alertscripts && \
diff --git a/Dockerfiles/server-mysql/rhel/Dockerfile b/Dockerfiles/server-mysql/rhel/Dockerfile
index cb6c459f1..fb831a952 100644
--- a/Dockerfiles/server-mysql/rhel/Dockerfile
+++ b/Dockerfiles/server-mysql/rhel/Dockerfile
@@ -15,7 +15,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL description="Zabbix server with MySQL database support" \
       maintainer="alexey.pustovalov@zabbix.com" \
@@ -55,7 +56,6 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_server.sq
 RUN set -eux && \
     INSTALL_PKGS="bash \
             tini \
-            sudo \
             traceroute \
             nmap \
             fping \
@@ -103,12 +103,13 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
+            -G dialout \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /usr/lib/zabbix/alertscripts && \
diff --git a/Dockerfiles/server-mysql/ubuntu/Dockerfile b/Dockerfiles/server-mysql/ubuntu/Dockerfile
index c89721c4a..bd12f5947 100644
--- a/Dockerfiles/server-mysql/ubuntu/Dockerfile
+++ b/Dockerfiles/server-mysql/ubuntu/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix server with MySQL database support" \
@@ -37,7 +38,6 @@ RUN set -eux && \
     echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
     INSTALL_PKGS="bash \
             tini \
-            sudo \
             traceroute \
             nmap \
             tzdata \
@@ -69,12 +69,13 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root,dialout \
+            -G dialout \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /usr/lib/zabbix/alertscripts && \
diff --git a/Dockerfiles/server-pgsql/alpine/Dockerfile b/Dockerfiles/server-pgsql/alpine/Dockerfile
index 54dcba7e1..b0b11174a 100644
--- a/Dockerfiles/server-pgsql/alpine/Dockerfile
+++ b/Dockerfiles/server-pgsql/alpine/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \
@@ -37,7 +38,6 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/timescaledb
 RUN set -eux && \
     INSTALL_PKGS="bash \
             tini \
-            sudo \
             traceroute \
             nmap \
             fping \
@@ -71,9 +71,9 @@ RUN set -eux && \
             --shell /sbin/nologin \
             --home /var/lib/zabbix/ \
         zabbix && \
-    adduser zabbix root && \
     adduser zabbix dialout && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /usr/lib/zabbix/alertscripts && \
diff --git a/Dockerfiles/server-pgsql/centos/Dockerfile b/Dockerfiles/server-pgsql/centos/Dockerfile
index 38f45716c..754412278 100644
--- a/Dockerfiles/server-pgsql/centos/Dockerfile
+++ b/Dockerfiles/server-pgsql/centos/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \
@@ -39,7 +40,6 @@ RUN set -eux && \
     INSTALL_PKGS="fping \
             file-libs \
             tini \
-            sudo \
             traceroute \
             nmap \
             iputils \
@@ -73,12 +73,13 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root,dialout \
+            -G dialout \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /usr/lib/zabbix/alertscripts && \
diff --git a/Dockerfiles/server-pgsql/ol/Dockerfile b/Dockerfiles/server-pgsql/ol/Dockerfile
index 5170c1fa3..50a90da14 100644
--- a/Dockerfiles/server-pgsql/ol/Dockerfile
+++ b/Dockerfiles/server-pgsql/ol/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \
       org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
@@ -39,7 +40,6 @@ RUN set -eux && \
     INSTALL_PKGS="fping \
             file-libs \
             tini \
-            sudo \
             traceroute \
             nmap \
             iputils \
@@ -75,12 +75,13 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root,dialout \
+            -G dialout \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /usr/lib/zabbix/alertscripts && \
diff --git a/Dockerfiles/server-pgsql/ubuntu/Dockerfile b/Dockerfiles/server-pgsql/ubuntu/Dockerfile
index dca9553f7..e98a670b1 100644
--- a/Dockerfiles/server-pgsql/ubuntu/Dockerfile
+++ b/Dockerfiles/server-pgsql/ubuntu/Dockerfile
@@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git
 
 ENV TERM=xterm \
     ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \
-    MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL
+    MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \
+    NMAP_PRIVILEGED=""
 
 LABEL org.opencontainers.image.authors="Alexey Pustovalov <alexey.pustovalov@zabbix.com>" \
       org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \
@@ -38,7 +39,6 @@ RUN set -eux && \
     echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \
     INSTALL_PKGS="bash \
             tini \
-            sudo \
             traceroute \
             nmap \
             tzdata \
@@ -70,12 +70,13 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root,dialout \
+            -G dialout \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
         zabbix && \
-    echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \
+    chgrp zabbix /usr/bin/nmap && \
+    setcap cap_net_raw+eip /usr/bin/nmap && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /usr/lib/zabbix/alertscripts && \
diff --git a/Dockerfiles/snmptraps/alpine/Dockerfile b/Dockerfiles/snmptraps/alpine/Dockerfile
index c5562b3fd..e7eb6f01d 100644
--- a/Dockerfiles/snmptraps/alpine/Dockerfile
+++ b/Dockerfiles/snmptraps/alpine/Dockerfile
@@ -42,7 +42,6 @@ RUN set -eux && \
             --shell /sbin/nologin \
             --home /var/lib/zabbix/ \
         zabbix && \
-    adduser zabbix root && \
     mkdir -p /var/lib/zabbix && \
     mkdir -p /var/lib/zabbix/snmptraps && \
     mkdir -p /var/lib/zabbix/mibs && \
diff --git a/Dockerfiles/snmptraps/centos/Dockerfile b/Dockerfiles/snmptraps/centos/Dockerfile
index 79b2c7ac0..67aa6dec5 100644
--- a/Dockerfiles/snmptraps/centos/Dockerfile
+++ b/Dockerfiles/snmptraps/centos/Dockerfile
@@ -41,7 +41,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/snmptraps/ol/Dockerfile b/Dockerfiles/snmptraps/ol/Dockerfile
index 4649b67f4..4e89b89ad 100644
--- a/Dockerfiles/snmptraps/ol/Dockerfile
+++ b/Dockerfiles/snmptraps/ol/Dockerfile
@@ -41,7 +41,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/snmptraps/rhel/Dockerfile b/Dockerfiles/snmptraps/rhel/Dockerfile
index 359b2baac..fe331d99e 100644
--- a/Dockerfiles/snmptraps/rhel/Dockerfile
+++ b/Dockerfiles/snmptraps/rhel/Dockerfile
@@ -63,7 +63,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/snmptraps/ubuntu/Dockerfile b/Dockerfiles/snmptraps/ubuntu/Dockerfile
index 021281590..1c77ae8a3 100644
--- a/Dockerfiles/snmptraps/ubuntu/Dockerfile
+++ b/Dockerfiles/snmptraps/ubuntu/Dockerfile
@@ -39,7 +39,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-apache-mysql/alpine/Dockerfile b/Dockerfiles/web-apache-mysql/alpine/Dockerfile
index 3db5803df..1e4638792 100644
--- a/Dockerfiles/web-apache-mysql/alpine/Dockerfile
+++ b/Dockerfiles/web-apache-mysql/alpine/Dockerfile
@@ -73,7 +73,6 @@ RUN set -eux && \
             --shell /sbin/nologin \
             --home /var/lib/zabbix/ \
         zabbix && \
-    adduser zabbix root && \
     mkdir -p /etc/zabbix && \
     mkdir -p /etc/zabbix/web && \
     mkdir -p /etc/zabbix/web/certs && \
diff --git a/Dockerfiles/web-apache-mysql/centos/Dockerfile b/Dockerfiles/web-apache-mysql/centos/Dockerfile
index 27db25712..82800abba 100644
--- a/Dockerfiles/web-apache-mysql/centos/Dockerfile
+++ b/Dockerfiles/web-apache-mysql/centos/Dockerfile
@@ -66,7 +66,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-apache-mysql/ol/Dockerfile b/Dockerfiles/web-apache-mysql/ol/Dockerfile
index 5bab6813d..8e9328f01 100644
--- a/Dockerfiles/web-apache-mysql/ol/Dockerfile
+++ b/Dockerfiles/web-apache-mysql/ol/Dockerfile
@@ -67,7 +67,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-apache-mysql/ubuntu/Dockerfile b/Dockerfiles/web-apache-mysql/ubuntu/Dockerfile
index 257f5e8ff..fc8c5e6e1 100644
--- a/Dockerfiles/web-apache-mysql/ubuntu/Dockerfile
+++ b/Dockerfiles/web-apache-mysql/ubuntu/Dockerfile
@@ -57,7 +57,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-apache-pgsql/alpine/Dockerfile b/Dockerfiles/web-apache-pgsql/alpine/Dockerfile
index 430693274..b24f9bccc 100644
--- a/Dockerfiles/web-apache-pgsql/alpine/Dockerfile
+++ b/Dockerfiles/web-apache-pgsql/alpine/Dockerfile
@@ -72,7 +72,6 @@ RUN set -eux && \
             --shell /sbin/nologin \
             --home /var/lib/zabbix/ \
         zabbix && \
-    adduser zabbix root && \
     mkdir -p /etc/zabbix && \
     mkdir -p /etc/zabbix/web && \
     mkdir -p /etc/zabbix/web/certs && \
diff --git a/Dockerfiles/web-apache-pgsql/centos/Dockerfile b/Dockerfiles/web-apache-pgsql/centos/Dockerfile
index 0ce24277f..62134e1ed 100644
--- a/Dockerfiles/web-apache-pgsql/centos/Dockerfile
+++ b/Dockerfiles/web-apache-pgsql/centos/Dockerfile
@@ -65,7 +65,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-apache-pgsql/ol/Dockerfile b/Dockerfiles/web-apache-pgsql/ol/Dockerfile
index 98c93fcd8..acd97cec9 100644
--- a/Dockerfiles/web-apache-pgsql/ol/Dockerfile
+++ b/Dockerfiles/web-apache-pgsql/ol/Dockerfile
@@ -67,7 +67,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-apache-pgsql/ubuntu/Dockerfile b/Dockerfiles/web-apache-pgsql/ubuntu/Dockerfile
index c0c1537d5..656663ae7 100644
--- a/Dockerfiles/web-apache-pgsql/ubuntu/Dockerfile
+++ b/Dockerfiles/web-apache-pgsql/ubuntu/Dockerfile
@@ -57,7 +57,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-nginx-mysql/alpine/Dockerfile b/Dockerfiles/web-nginx-mysql/alpine/Dockerfile
index 3462e35f1..6aa1078a1 100644
--- a/Dockerfiles/web-nginx-mysql/alpine/Dockerfile
+++ b/Dockerfiles/web-nginx-mysql/alpine/Dockerfile
@@ -74,7 +74,6 @@ RUN set -eux && \
             --shell /sbin/nologin \
             --home /var/lib/zabbix/ \
         zabbix && \
-    adduser zabbix root && \
     mkdir -p /etc/zabbix && \
     mkdir -p /etc/zabbix/web && \
     mkdir -p /etc/zabbix/web/certs && \
diff --git a/Dockerfiles/web-nginx-mysql/centos/Dockerfile b/Dockerfiles/web-nginx-mysql/centos/Dockerfile
index 6a205a3ed..b5633a0b2 100644
--- a/Dockerfiles/web-nginx-mysql/centos/Dockerfile
+++ b/Dockerfiles/web-nginx-mysql/centos/Dockerfile
@@ -64,7 +64,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-nginx-mysql/ol/Dockerfile b/Dockerfiles/web-nginx-mysql/ol/Dockerfile
index ca056314b..d73374320 100644
--- a/Dockerfiles/web-nginx-mysql/ol/Dockerfile
+++ b/Dockerfiles/web-nginx-mysql/ol/Dockerfile
@@ -65,7 +65,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-nginx-mysql/rhel/Dockerfile b/Dockerfiles/web-nginx-mysql/rhel/Dockerfile
index fa7cc5bf5..460f9eda0 100644
--- a/Dockerfiles/web-nginx-mysql/rhel/Dockerfile
+++ b/Dockerfiles/web-nginx-mysql/rhel/Dockerfile
@@ -96,7 +96,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile b/Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile
index 1fb2f0e6e..3877c61da 100644
--- a/Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile
+++ b/Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile
@@ -78,7 +78,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-nginx-pgsql/alpine/Dockerfile b/Dockerfiles/web-nginx-pgsql/alpine/Dockerfile
index d536a5e4c..b71cd5e86 100644
--- a/Dockerfiles/web-nginx-pgsql/alpine/Dockerfile
+++ b/Dockerfiles/web-nginx-pgsql/alpine/Dockerfile
@@ -73,7 +73,6 @@ RUN set -eux && \
             --shell /sbin/nologin \
             --home /var/lib/zabbix/ \
         zabbix && \
-    adduser zabbix root && \
     mkdir -p /etc/zabbix && \
     mkdir -p /etc/zabbix/web && \
     mkdir -p /etc/zabbix/web/certs && \
diff --git a/Dockerfiles/web-nginx-pgsql/centos/Dockerfile b/Dockerfiles/web-nginx-pgsql/centos/Dockerfile
index 3070a4695..a53271308 100644
--- a/Dockerfiles/web-nginx-pgsql/centos/Dockerfile
+++ b/Dockerfiles/web-nginx-pgsql/centos/Dockerfile
@@ -63,7 +63,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-nginx-pgsql/ol/Dockerfile b/Dockerfiles/web-nginx-pgsql/ol/Dockerfile
index da8f15656..50a51da3c 100644
--- a/Dockerfiles/web-nginx-pgsql/ol/Dockerfile
+++ b/Dockerfiles/web-nginx-pgsql/ol/Dockerfile
@@ -65,7 +65,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile b/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile
index 08541811b..883382049 100644
--- a/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile
+++ b/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile
@@ -78,7 +78,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-service/alpine/Dockerfile b/Dockerfiles/web-service/alpine/Dockerfile
index 001ace0c3..c56428d53 100644
--- a/Dockerfiles/web-service/alpine/Dockerfile
+++ b/Dockerfiles/web-service/alpine/Dockerfile
@@ -49,7 +49,6 @@ RUN set -eux && \
             --shell /sbin/nologin \
             --home /var/lib/zabbix/ \
         zabbix && \
-    adduser zabbix root && \
     mkdir -p /etc/zabbix && \
     mkdir -p /var/lib/zabbix && \
     chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \
diff --git a/Dockerfiles/web-service/centos/Dockerfile b/Dockerfiles/web-service/centos/Dockerfile
index 48b786cd3..ffde427dc 100644
--- a/Dockerfiles/web-service/centos/Dockerfile
+++ b/Dockerfiles/web-service/centos/Dockerfile
@@ -50,7 +50,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-service/ol/Dockerfile b/Dockerfiles/web-service/ol/Dockerfile
index 85e86f13e..c3fc39ef2 100644
--- a/Dockerfiles/web-service/ol/Dockerfile
+++ b/Dockerfiles/web-service/ol/Dockerfile
@@ -51,7 +51,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-service/rhel/Dockerfile b/Dockerfiles/web-service/rhel/Dockerfile
index 0da722df4..5ceac37bb 100644
--- a/Dockerfiles/web-service/rhel/Dockerfile
+++ b/Dockerfiles/web-service/rhel/Dockerfile
@@ -78,7 +78,7 @@ RUN set -eux && \
     groupadd --system --gid 1995 zabbix && \
     useradd \
             --system --comment "Zabbix monitoring system" \
-            -g zabbix -G root \
+            -g zabbix \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \
diff --git a/Dockerfiles/web-service/ubuntu/Dockerfile b/Dockerfiles/web-service/ubuntu/Dockerfile
index 314351289..bc9a2c528 100644
--- a/Dockerfiles/web-service/ubuntu/Dockerfile
+++ b/Dockerfiles/web-service/ubuntu/Dockerfile
@@ -57,7 +57,6 @@ RUN set -eux && \
             --system \
             --comment "Zabbix monitoring system" \
             -g zabbix \
-            -G root \
             --uid 1997 \
             --shell /sbin/nologin \
             --home-dir /var/lib/zabbix/ \